Skip to main content
SpringerLink
Log in
Book cover

Workshop on Secure Data Management

SDM 2013: Secure Data Management pp 18–22Cite as

Security and Privacy of Data in a Cloud

  • Conference paper
  • First Online:

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 8425))

Abstract

The goals of this brief note are to describe some of the research progress that has been made to date and elaborate on the fundamental challenges facing the research community in security and privacy of data stored in a cloud.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

  1. Aggarwal, G., Bawa, M., Ganesan, P., Garcia-Molina, H., Kenthapadi, K., Motwani, R., Srivastava, U., Thomas, D., Xu, Y.: Two can keep a secret: a distributed architecture for secure database services. In: Proceedings of CIDR, Asilomar, CA (2005)

    Google Scholar 

  2. Agrawal, R., Kierman, J., Srikant, R., Xu, Y.: Order preserving encryption for numeric data. In: Proceedings of SIGMOD, Paris, France (2004)

    Google Scholar 

  3. Bowers, K.D., van Dijk, M., Juels, A., Oprea, A., Rivest, R.L.: How to tell if your cloud files are vulnerable to drive crashes. In: Proceedings of ACM CCS (2011)

    Google Scholar 

  4. Ceselli, A., Damiani, E., De Capitani di Vimercati, S., Samarati, P.: Modeling and assessing inference exposure in encrypted databases. ACM TISSEC 8(1), 119–152 (2005)

    Article  Google Scholar 

  5. Boneh, D., Gentry, C., Lynn, B., Shacham, H.: Aggregate and verifiably encrypted signatures from bilinear maps. In: Proceedings of EUROCRYPT 2003, Warsaw, Poland (2003)

    Google Scholar 

  6. Ciriani, V., De Capitani, S., Samarati, P.: Enforcing confidentiality constraints on sensitive databases with lightweight trusted clients. In: Proceedings of DBSec, Montreal, Canada (2009)

    Google Scholar 

  7. Ciriani, V., De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: Keep a few: outsourcing data while maintaining confidentiality. In: Backes, M., Ning, P. (eds.) ESORICS 2009. LNCS, vol. 5789, pp. 440–455. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  8. Ciriani, V., De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: Combining fragmentation and encryption to protect privacy in data storage. ACM TISSEC 13(3), 22:1–22:33 (2010)

    Article  Google Scholar 

  9. Damiani, E., De Capitani, S., Samarati, P.: Balancing confidentiality and efficiency in untrusted relational DBMSs. In: Proceedings of CCS, Washington, DC (2003)

    Google Scholar 

  10. De Capitani, S., di Vimercati, S., Foresti, S., Jajodia, S.: On information leakage by indexes over data fragments. In: Proceedings of PrivDB, Brisbane, Australia (2013)

    Google Scholar 

  11. De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: Encryption policies for regulating access to outsourced data. ACM TODS 35(2), 12:1–12:46 (2010)

    Google Scholar 

  12. De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: Support for Write privileges on outsourced data. In: Gritzalis, D., Furnell, S., Theoharidou, M. (eds.) SEC 2012. IFIP AICT, vol. 376, pp. 199–210. Springer, Heidelberg (2012)

    Google Scholar 

  13. Devanbu, P.T., Gertz, M., Martel, C.U., Stubblebine, S.G.. Authentic third-party data publication. In: Proceedings of DBSec 2000 (2000)

    Google Scholar 

  14. De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Samarati, P.: Database security and privacy. In: Topi, H. (ed.) Computing Handbook, Third Edition: Information Systems and Information Technology, vol. 2. Taylor & Francis, Boca Raton (2013)

    Google Scholar 

  15. Ganapathy, V., Thomas, D., Feder, T., Garcia-Molina, H., Motwani, R.: Distributing data for secure database services. In: Proceedings of PAIS, Uppsala, Sweden (2011)

    Google Scholar 

  16. Hacigümüş, H., Iyer, B., Mehrotra, S.: Providing database as a service. In: Proceedings of ICDE, San Jose, CA (2002)

    Google Scholar 

  17. Hacıgümüş, H., Iyer, B., Mehrotra, S.: Efficient execution of aggregation queries over encrypted relational databases. In: Lee, Y.J., Li, J., Whang, K.-Y., Lee, D. (eds.) DASFAA 2004. LNCS, vol. 2973, pp. 125–136. Springer, Heidelberg (2004)

    Google Scholar 

  18. Hacigümüş, H., Iyer, B., Mehrotra, S., Li, C.: Executing SQL over encrypted data in the database-service-provider model. In: Proceedings of SIGMOD, Madison, WI (2002)

    Google Scholar 

  19. Li, F., Hadjieleftheriou, M., Kollios, G., Reyzin, L.: Dynamic authenticated index structures for outsourced databases. In: Proceedings of SIGMOD, Chicago, IL (2006)

    Google Scholar 

  20. Liu, R., Wang, H.: Integrity verification of outsourced XML databases. In: Proceedings of CSE, Vancouver, Canada (2009)

    Google Scholar 

  21. Mykletun, E., Narasimha, M., Tsudik, G.: Authentication and integrity in outsourced databases. ACM TOS 2(2), 107–138 (2006)

    Article  Google Scholar 

  22. Narasimha, M., Tsudik, G.: DSAC: integrity for outsourced databases with signature aggregation and chaining. In: Proceedings of CIKM, Bremen, Germany, 31 Oct–5 Nov 2005 (2005)

    Google Scholar 

  23. Pang, H., Jain, A., Ramamritham, K., Tan, K.L.: Verifying completeness of relational query results in data publishing. In: Proceedings of SIGMOD, Baltimore, MA (2005)

    Google Scholar 

  24. Pang, H., Tan, K.L.: Authenticating query results in edge computing. In: Proceedings of ICDE, Boston, MA (2004)

    Google Scholar 

  25. Ristenpart, T., Tromer, E., Shacham, H., Savage, S.: Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. In: Proceedings of ACM CCS (2009)

    Google Scholar 

  26. Samarati, P., De Capitani, S.: Data protection in outsourcing scenarios: issues and directions. In: Proceedings of ASIACCS, China (2010)

    Google Scholar 

  27. Wang, H., Lakshmanan, L.V.S.: Efficient secure query evaluation over encrypted XML databases. In: Proceedings of VLDB, Seoul, Korea (2006)

    Google Scholar 

  28. Wang, H., Yin, J., Perng, C., Yu, P.S.: Dual encryption for query integrity assurance. In: Proceedings of CIKM, Napa Valley, CA (2008)

    Google Scholar 

  29. Xie, M., Wang, H., Yin, J., Meng, X.: Integrity auditing of outsourced data. In: Proceedings of VLDB, Vienna, Austria (2007)

    Google Scholar 

  30. Xie, M., Wang, H., Yin, J., Meng, X.: Providing freshness guarantees for outsourced databases. In: Proceedings of EDBT, Nantes, France (2008)

    Google Scholar 

  31. Wang, Z., Sun, K., Jajodia, S., Jing, J.: Disk storage isolation and verification in cloud. In: Proceedings of IEEE Globecom, Anaheim, CA (2012)

    Google Scholar 

  32. Yang, Y., Papadias, D., Papadopoulos, S., Kalnis, P.: Authenticated join processing in outsourced databases. In: Proceedings of SIGMOD, Providence, RI, 29 June–2 July 2009 (2009)

    Google Scholar 

Download references

Acknowledgement

My collaborators – Pierangela Samarati, Sabrina De Capitani di Vimercati, Sara Foresti, Stefano Paraboschi, and Zhan Wang – deserve much of the credit for the technical contributions summarized in this paper. See [14, 31] for greater details on many of the ideas in this note.

This research was funded in part by the US Army Research Office under MURI grant W911NF-09-1-0525 and DURIP grant W911NF-11-1-0340. Part of the work was performed while Sushil Jajodia was a Visiting Researcher at the US Army Research Laboratory.

Author information

Authors and Affiliations

  1. Center for Secure Information Systems, George Mason University, Fairfax, VA, USA

    Sushil Jajodia

Authors
  1. Sushil Jajodia
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Sushil Jajodia .

Editor information

Editors and Affiliations

  1. EIT ICT Labs/University of Twente, Enschede, The Netherlands

    Willem Jonker

  2. Philips Research/Eindhoven University of Technology, Eindhoven, The Netherlands

    Milan Petković

Rights and permissions

Reprints and permissions

Copyright information

© 2014 Springer International Publishing Switzerland

About this paper

Cite this paper

Jajodia, S. (2014). Security and Privacy of Data in a Cloud. In: Jonker, W., Petković, M. (eds) Secure Data Management. SDM 2013. Lecture Notes in Computer Science(), vol 8425. Springer, Cham. https://doi.org/10.1007/978-3-319-06811-4_4

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-06811-4_4

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-06810-7

  • Online ISBN: 978-3-319-06811-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation